Sunday, 13 September 2015

Malware Late ATM Debit Card On Command Swallow


Malware for ATMs exists already for years, but now researchers have discovered a variant that is able to command the ATM debit cards to make swallowing, so that criminals can then retrieve. Reported that the US security firm FireEye.

The malware is "Suceful" and is probably the end of August developed. The name comes from a type of mistake made by the authors, says analyst Daniel Regalado. According to Regalado, the malware may still be in the development stage, but it features "shocking" features not previously seen in ATM malware.

So the malware can all the information from the magnetic strip reading, reading data from the chip of the card, the debit card on command ingestion and the sensors off in the ATMs, so as to avoid detection. To communicate with the ATM malware uses a number of application programming interfaces (APIs) called XFS, which stands for "extensions for financial services". By using these APIs, the equipment in the vending machine to communicate with each other. The Ploutus-malware for ATMs made use of XFS.

The advantage of XFS is that it works independently of the supplier. Suceful can also infect ATMs from multiple vendors.How the infection is precisely carried out is unknown. In the past, it turned out that criminals often had physical access to the ATM and the malware installed via CD-ROM or USB stick.

No comments:

Post a Comment